| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1 | /* | 
|  | 2 | * Copyright (C) 2018 The Android Open Source Project | 
|  | 3 | * | 
|  | 4 | * Licensed under the Apache License, Version 2.0 (the "License"); | 
|  | 5 | * you may not use this file except in compliance with the License. | 
|  | 6 | * You may obtain a copy of the License at | 
|  | 7 | * | 
|  | 8 | *      http://www.apache.org/licenses/LICENSE-2.0 | 
|  | 9 | * | 
|  | 10 | * Unless required by applicable law or agreed to in writing, software | 
|  | 11 | * distributed under the License is distributed on an "AS IS" BASIS, | 
|  | 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 
|  | 13 | * See the License for the specific language governing permissions and | 
|  | 14 | * limitations under the License. | 
|  | 15 | */ | 
|  | 16 |  | 
|  | 17 | #include "llkd.h" | 
|  | 18 |  | 
|  | 19 | #include <ctype.h> | 
|  | 20 | #include <dirent.h>  // opendir() and readdir() | 
|  | 21 | #include <errno.h> | 
|  | 22 | #include <fcntl.h> | 
|  | 23 | #include <pthread.h> | 
|  | 24 | #include <pwd.h>  // getpwuid() | 
|  | 25 | #include <signal.h> | 
|  | 26 | #include <stdint.h> | 
|  | 27 | #include <sys/cdefs.h>  // ___STRING, __predict_true() and _predict_false() | 
|  | 28 | #include <sys/mman.h>   // mlockall() | 
|  | 29 | #include <sys/prctl.h> | 
|  | 30 | #include <sys/stat.h>     // lstat() | 
|  | 31 | #include <sys/syscall.h>  // __NR_getdents64 | 
|  | 32 | #include <sys/sysinfo.h>  // get_nprocs_conf() | 
|  | 33 | #include <sys/types.h> | 
|  | 34 | #include <time.h> | 
|  | 35 | #include <unistd.h> | 
|  | 36 |  | 
|  | 37 | #include <chrono> | 
|  | 38 | #include <ios> | 
|  | 39 | #include <sstream> | 
|  | 40 | #include <string> | 
|  | 41 | #include <unordered_map> | 
|  | 42 | #include <unordered_set> | 
|  | 43 |  | 
|  | 44 | #include <android-base/file.h> | 
|  | 45 | #include <android-base/logging.h> | 
|  | 46 | #include <android-base/parseint.h> | 
|  | 47 | #include <android-base/properties.h> | 
|  | 48 | #include <android-base/strings.h> | 
|  | 49 | #include <cutils/android_get_control_file.h> | 
|  | 50 | #include <log/log_main.h> | 
|  | 51 |  | 
|  | 52 | #define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x))) | 
|  | 53 |  | 
|  | 54 | #define TASK_COMM_LEN 16  // internal kernel, not uapi, from .../linux/include/linux/sched.h | 
|  | 55 |  | 
|  | 56 | using namespace std::chrono_literals; | 
|  | 57 | using namespace std::chrono; | 
| Mark Salyzyn | 52e54a6 | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 58 | using namespace std::literals; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 59 |  | 
|  | 60 | namespace { | 
|  | 61 |  | 
|  | 62 | constexpr pid_t kernelPid = 0; | 
|  | 63 | constexpr pid_t initPid = 1; | 
|  | 64 | constexpr pid_t kthreaddPid = 2; | 
|  | 65 |  | 
|  | 66 | constexpr char procdir[] = "/proc/"; | 
|  | 67 |  | 
|  | 68 | // Configuration | 
|  | 69 | milliseconds llkUpdate;                              // last check ms signature | 
|  | 70 | milliseconds llkCycle;                               // ms to next thread check | 
|  | 71 | bool llkEnable = LLK_ENABLE_DEFAULT;                 // llk daemon enabled | 
|  | 72 | bool llkRunning = false;                             // thread is running | 
|  | 73 | bool llkMlockall = LLK_MLOCKALL_DEFAULT;             // run mlocked | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 74 | bool llkTestWithKill = LLK_KILLTEST_DEFAULT;         // issue test kills | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 75 | milliseconds llkTimeoutMs = LLK_TIMEOUT_MS_DEFAULT;  // default timeout | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 76 | enum {                                               // enum of state indexes | 
|  | 77 | llkStateD,                                       // Persistent 'D' state | 
|  | 78 | llkStateZ,                                       // Persistent 'Z' state | 
|  | 79 | #ifdef __PTRACE_ENABLED__                            // Extra privileged states | 
|  | 80 | llkStateStack,                                   // stack signature | 
|  | 81 | #endif                                               // End of extra privilege | 
|  | 82 | llkNumStates,                                    // Maxumum number of states | 
|  | 83 | };                                                   // state indexes | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 84 | milliseconds llkStateTimeoutMs[llkNumStates];        // timeout override for each detection state | 
|  | 85 | milliseconds llkCheckMs;                             // checking interval to inspect any | 
|  | 86 | // persistent live-locked states | 
|  | 87 | bool llkLowRam;                                      // ro.config.low_ram | 
|  | 88 | bool khtEnable = LLK_ENABLE_DEFAULT;                 // [khungtaskd] panic | 
|  | 89 | // [khungtaskd] should have a timeout beyond the granularity of llkTimeoutMs. | 
|  | 90 | // Provides a wide angle of margin b/c khtTimeout is also its granularity. | 
|  | 91 | seconds khtTimeout = duration_cast<seconds>(llkTimeoutMs * (1 + LLK_CHECKS_PER_TIMEOUT_DEFAULT) / | 
|  | 92 | LLK_CHECKS_PER_TIMEOUT_DEFAULT); | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 93 | #ifdef __PTRACE_ENABLED__ | 
|  | 94 | // list of stack symbols to search for persistence. | 
|  | 95 | std::unordered_set<std::string> llkCheckStackSymbols; | 
|  | 96 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 97 |  | 
|  | 98 | // Blacklist variables, initialized with comma separated lists of high false | 
|  | 99 | // positive and/or dangerous references, e.g. without self restart, for pid, | 
|  | 100 | // ppid, name and uid: | 
|  | 101 |  | 
|  | 102 | // list of pids, or tids or names to skip. kernel pid (0), init pid (1), | 
|  | 103 | // [kthreadd] pid (2), ourselves, "init", "[kthreadd]", "lmkd", "llkd" or | 
|  | 104 | // combinations of watchdogd in kernel and user space. | 
|  | 105 | std::unordered_set<std::string> llkBlacklistProcess; | 
|  | 106 | // list of parent pids, comm or cmdline names to skip. default: | 
|  | 107 | // kernel pid (0), [kthreadd] (2), or ourselves, enforced and implied | 
|  | 108 | std::unordered_set<std::string> llkBlacklistParent; | 
|  | 109 | // list of uids, and uid names, to skip, default nothing | 
|  | 110 | std::unordered_set<std::string> llkBlacklistUid; | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 111 | #ifdef __PTRACE_ENABLED__ | 
|  | 112 | // list of names to skip stack checking. "init", "lmkd", "llkd", "keystore" or | 
|  | 113 | // "logd" (if not userdebug). | 
|  | 114 | std::unordered_set<std::string> llkBlacklistStack; | 
|  | 115 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 116 |  | 
|  | 117 | class dir { | 
|  | 118 | public: | 
|  | 119 | enum level { proc, task, numLevels }; | 
|  | 120 |  | 
|  | 121 | private: | 
|  | 122 | int fd; | 
|  | 123 | size_t available_bytes; | 
|  | 124 | dirent* next; | 
|  | 125 | // each directory level picked to be just north of 4K in size | 
|  | 126 | static constexpr size_t buffEntries = 15; | 
|  | 127 | static dirent buff[numLevels][buffEntries]; | 
|  | 128 |  | 
|  | 129 | bool fill(enum level index) { | 
|  | 130 | if (index >= numLevels) return false; | 
|  | 131 | if (available_bytes != 0) return true; | 
|  | 132 | if (__predict_false(fd < 0)) return false; | 
|  | 133 | // getdents64 has no libc wrapper | 
|  | 134 | auto rc = TEMP_FAILURE_RETRY(syscall(__NR_getdents64, fd, buff[index], sizeof(buff[0]), 0)); | 
|  | 135 | if (rc <= 0) return false; | 
|  | 136 | available_bytes = rc; | 
|  | 137 | next = buff[index]; | 
|  | 138 | return true; | 
|  | 139 | } | 
|  | 140 |  | 
|  | 141 | public: | 
|  | 142 | dir() : fd(-1), available_bytes(0), next(nullptr) {} | 
|  | 143 |  | 
|  | 144 | explicit dir(const char* directory) | 
|  | 145 | : fd(__predict_true(directory != nullptr) | 
|  | 146 | ? ::open(directory, O_CLOEXEC | O_DIRECTORY | O_RDONLY) | 
|  | 147 | : -1), | 
|  | 148 | available_bytes(0), | 
|  | 149 | next(nullptr) {} | 
|  | 150 |  | 
|  | 151 | explicit dir(const std::string&& directory) | 
|  | 152 | : fd(::open(directory.c_str(), O_CLOEXEC | O_DIRECTORY | O_RDONLY)), | 
|  | 153 | available_bytes(0), | 
|  | 154 | next(nullptr) {} | 
|  | 155 |  | 
|  | 156 | explicit dir(const std::string& directory) | 
|  | 157 | : fd(::open(directory.c_str(), O_CLOEXEC | O_DIRECTORY | O_RDONLY)), | 
|  | 158 | available_bytes(0), | 
|  | 159 | next(nullptr) {} | 
|  | 160 |  | 
|  | 161 | // Don't need any copy or move constructors. | 
|  | 162 | explicit dir(const dir& c) = delete; | 
|  | 163 | explicit dir(dir& c) = delete; | 
|  | 164 | explicit dir(dir&& c) = delete; | 
|  | 165 |  | 
|  | 166 | ~dir() { | 
|  | 167 | if (fd >= 0) { | 
|  | 168 | ::close(fd); | 
|  | 169 | } | 
|  | 170 | } | 
|  | 171 |  | 
|  | 172 | operator bool() const { return fd >= 0; } | 
|  | 173 |  | 
|  | 174 | void reset(void) { | 
|  | 175 | if (fd >= 0) { | 
|  | 176 | ::close(fd); | 
|  | 177 | fd = -1; | 
|  | 178 | available_bytes = 0; | 
|  | 179 | next = nullptr; | 
|  | 180 | } | 
|  | 181 | } | 
|  | 182 |  | 
|  | 183 | dir& reset(const char* directory) { | 
|  | 184 | reset(); | 
|  | 185 | // available_bytes will _always_ be zero here as its value is | 
|  | 186 | // intimately tied to fd < 0 or not. | 
|  | 187 | fd = ::open(directory, O_CLOEXEC | O_DIRECTORY | O_RDONLY); | 
|  | 188 | return *this; | 
|  | 189 | } | 
|  | 190 |  | 
|  | 191 | void rewind(void) { | 
|  | 192 | if (fd >= 0) { | 
|  | 193 | ::lseek(fd, off_t(0), SEEK_SET); | 
|  | 194 | available_bytes = 0; | 
|  | 195 | next = nullptr; | 
|  | 196 | } | 
|  | 197 | } | 
|  | 198 |  | 
|  | 199 | dirent* read(enum level index = proc, dirent* def = nullptr) { | 
|  | 200 | if (!fill(index)) return def; | 
|  | 201 | auto ret = next; | 
|  | 202 | available_bytes -= next->d_reclen; | 
|  | 203 | next = reinterpret_cast<dirent*>(reinterpret_cast<char*>(next) + next->d_reclen); | 
|  | 204 | return ret; | 
|  | 205 | } | 
|  | 206 | } llkTopDirectory; | 
|  | 207 |  | 
|  | 208 | dirent dir::buff[dir::numLevels][dir::buffEntries]; | 
|  | 209 |  | 
|  | 210 | // helper functions | 
|  | 211 |  | 
|  | 212 | bool llkIsMissingExeLink(pid_t tid) { | 
|  | 213 | char c; | 
|  | 214 | // CAP_SYS_PTRACE is required to prevent ret == -1, but ENOENT is signal | 
|  | 215 | auto ret = ::readlink((procdir + std::to_string(tid) + "/exe").c_str(), &c, sizeof(c)); | 
|  | 216 | return (ret == -1) && (errno == ENOENT); | 
|  | 217 | } | 
|  | 218 |  | 
|  | 219 | // Common routine where caller accepts empty content as error/passthrough. | 
|  | 220 | // Reduces the churn of reporting read errors in the callers. | 
|  | 221 | std::string ReadFile(std::string&& path) { | 
|  | 222 | std::string content; | 
|  | 223 | if (!android::base::ReadFileToString(path, &content)) { | 
|  | 224 | PLOG(DEBUG) << "Read " << path << " failed"; | 
|  | 225 | content = ""; | 
|  | 226 | } | 
|  | 227 | return content; | 
|  | 228 | } | 
|  | 229 |  | 
|  | 230 | std::string llkProcGetName(pid_t tid, const char* node = "/cmdline") { | 
|  | 231 | std::string content = ReadFile(procdir + std::to_string(tid) + node); | 
|  | 232 | static constexpr char needles[] = " \t\r\n";  // including trailing nul | 
|  | 233 | auto pos = content.find_first_of(needles, 0, sizeof(needles)); | 
|  | 234 | if (pos != std::string::npos) { | 
|  | 235 | content.erase(pos); | 
|  | 236 | } | 
|  | 237 | return content; | 
|  | 238 | } | 
|  | 239 |  | 
|  | 240 | uid_t llkProcGetUid(pid_t tid) { | 
|  | 241 | // Get the process' uid.  The following read from /status is admittedly | 
|  | 242 | // racy, prone to corruption due to shape-changes.  The consequences are | 
|  | 243 | // not catastrophic as we sample a few times before taking action. | 
|  | 244 | // | 
|  | 245 | // If /loginuid worked on reliably, or on Android (all tasks report -1)... | 
|  | 246 | // Android lmkd causes /cgroup to contain memory:/<dom>/uid_<uid>/pid_<pid> | 
|  | 247 | // which is tighter, but also not reliable. | 
|  | 248 | std::string content = ReadFile(procdir + std::to_string(tid) + "/status"); | 
|  | 249 | static constexpr char Uid[] = "\nUid:"; | 
|  | 250 | auto pos = content.find(Uid); | 
|  | 251 | if (pos == std::string::npos) { | 
|  | 252 | return -1; | 
|  | 253 | } | 
|  | 254 | pos += ::strlen(Uid); | 
|  | 255 | while ((pos < content.size()) && ::isblank(content[pos])) { | 
|  | 256 | ++pos; | 
|  | 257 | } | 
|  | 258 | content.erase(0, pos); | 
|  | 259 | for (pos = 0; (pos < content.size()) && ::isdigit(content[pos]); ++pos) { | 
|  | 260 | ; | 
|  | 261 | } | 
|  | 262 | // Content of form 'Uid:	0	0	0	0', newline is error | 
|  | 263 | if ((pos >= content.size()) || !::isblank(content[pos])) { | 
|  | 264 | return -1; | 
|  | 265 | } | 
|  | 266 | content.erase(pos); | 
|  | 267 | uid_t ret; | 
| Tom Cherry | e0bc5a9 | 2018-10-05 14:29:47 -0700 | [diff] [blame] | 268 | if (!android::base::ParseUint(content, &ret, uid_t(0))) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 269 | return -1; | 
|  | 270 | } | 
|  | 271 | return ret; | 
|  | 272 | } | 
|  | 273 |  | 
|  | 274 | struct proc { | 
|  | 275 | pid_t tid;                     // monitored thread id (in Z or D state). | 
|  | 276 | nanoseconds schedUpdate;       // /proc/<tid>/sched "se.avg.lastUpdateTime", | 
|  | 277 | uint64_t nrSwitches;           // /proc/<tid>/sched "nr_switches" for | 
|  | 278 | // refined ABA problem detection, determine | 
|  | 279 | // forward scheduling progress. | 
|  | 280 | milliseconds update;           // llkUpdate millisecond signature of last. | 
|  | 281 | milliseconds count;            // duration in state. | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 282 | #ifdef __PTRACE_ENABLED__          // Privileged state checking | 
|  | 283 | milliseconds count_stack;      // duration where stack is stagnant. | 
|  | 284 | #endif                             // End privilege | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 285 | pid_t pid;                     // /proc/<pid> before iterating through | 
|  | 286 | // /proc/<pid>/task/<tid> for threads. | 
|  | 287 | pid_t ppid;                    // /proc/<tid>/stat field 4 parent pid. | 
|  | 288 | uid_t uid;                     // /proc/<tid>/status Uid: field. | 
|  | 289 | unsigned time;                 // sum of /proc/<tid>/stat field 14 utime & | 
|  | 290 | // 15 stime for coarse ABA problem detection. | 
|  | 291 | std::string cmdline;           // cached /cmdline content | 
|  | 292 | char state;                    // /proc/<tid>/stat field 3: Z or D | 
|  | 293 | // (others we do not monitor: S, R, T or ?) | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 294 | #ifdef __PTRACE_ENABLED__          // Privileged state checking | 
|  | 295 | char stack;                    // index in llkCheckStackSymbols for matches | 
|  | 296 | #endif                             // and with maximum index PROP_VALUE_MAX/2. | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 297 | char comm[TASK_COMM_LEN + 3];  // space for adding '[' and ']' | 
|  | 298 | bool exeMissingValid;          // exeMissing has been cached | 
|  | 299 | bool cmdlineValid;             // cmdline has been cached | 
|  | 300 | bool updated;                  // cleared before monitoring pass. | 
|  | 301 | bool killed;                   // sent a kill to this thread, next panic... | 
|  | 302 |  | 
|  | 303 | void setComm(const char* _comm) { strncpy(comm + 1, _comm, sizeof(comm) - 2); } | 
|  | 304 |  | 
|  | 305 | proc(pid_t tid, pid_t pid, pid_t ppid, const char* _comm, int time, char state) | 
|  | 306 | : tid(tid), | 
|  | 307 | schedUpdate(0), | 
|  | 308 | nrSwitches(0), | 
|  | 309 | update(llkUpdate), | 
| Mark Salyzyn | acecaf7 | 2018-08-10 08:15:57 -0700 | [diff] [blame] | 310 | count(0ms), | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 311 | #ifdef __PTRACE_ENABLED__ | 
|  | 312 | count_stack(0ms), | 
|  | 313 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 314 | pid(pid), | 
|  | 315 | ppid(ppid), | 
|  | 316 | uid(-1), | 
|  | 317 | time(time), | 
|  | 318 | state(state), | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 319 | #ifdef __PTRACE_ENABLED__ | 
|  | 320 | stack(-1), | 
|  | 321 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 322 | exeMissingValid(false), | 
|  | 323 | cmdlineValid(false), | 
|  | 324 | updated(true), | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 325 | killed(!llkTestWithKill) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 326 | memset(comm, '\0', sizeof(comm)); | 
|  | 327 | setComm(_comm); | 
|  | 328 | } | 
|  | 329 |  | 
|  | 330 | const char* getComm(void) { | 
|  | 331 | if (comm[1] == '\0') {  // comm Valid? | 
|  | 332 | strncpy(comm + 1, llkProcGetName(tid, "/comm").c_str(), sizeof(comm) - 2); | 
|  | 333 | } | 
|  | 334 | if (!exeMissingValid) { | 
|  | 335 | if (llkIsMissingExeLink(tid)) { | 
|  | 336 | comm[0] = '['; | 
|  | 337 | } | 
|  | 338 | exeMissingValid = true; | 
|  | 339 | } | 
|  | 340 | size_t len = strlen(comm + 1); | 
|  | 341 | if (__predict_true(len < (sizeof(comm) - 1))) { | 
|  | 342 | if (comm[0] == '[') { | 
|  | 343 | if ((comm[len] != ']') && __predict_true(len < (sizeof(comm) - 2))) { | 
|  | 344 | comm[++len] = ']'; | 
|  | 345 | comm[++len] = '\0'; | 
|  | 346 | } | 
|  | 347 | } else { | 
|  | 348 | if (comm[len] == ']') { | 
|  | 349 | comm[len] = '\0'; | 
|  | 350 | } | 
|  | 351 | } | 
|  | 352 | } | 
|  | 353 | return &comm[comm[0] != '[']; | 
|  | 354 | } | 
|  | 355 |  | 
|  | 356 | const char* getCmdline(void) { | 
|  | 357 | if (!cmdlineValid) { | 
|  | 358 | cmdline = llkProcGetName(tid); | 
|  | 359 | cmdlineValid = true; | 
|  | 360 | } | 
|  | 361 | return cmdline.c_str(); | 
|  | 362 | } | 
|  | 363 |  | 
|  | 364 | uid_t getUid(void) { | 
|  | 365 | if (uid <= 0) {  // Churn on root user, because most likely to setuid() | 
|  | 366 | uid = llkProcGetUid(tid); | 
|  | 367 | } | 
|  | 368 | return uid; | 
|  | 369 | } | 
|  | 370 |  | 
|  | 371 | void reset(void) {  // reset cache, if we detected pid rollover | 
|  | 372 | uid = -1; | 
|  | 373 | state = '?'; | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 374 | #ifdef __PTRACE_ENABLED__ | 
|  | 375 | count_stack = 0ms; | 
|  | 376 | stack = -1; | 
|  | 377 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 378 | cmdline = ""; | 
|  | 379 | comm[0] = '\0'; | 
|  | 380 | exeMissingValid = false; | 
|  | 381 | cmdlineValid = false; | 
|  | 382 | } | 
|  | 383 | }; | 
|  | 384 |  | 
|  | 385 | std::unordered_map<pid_t, proc> tids; | 
|  | 386 |  | 
|  | 387 | // Check range and setup defaults, in order of propagation: | 
|  | 388 | //     llkTimeoutMs | 
|  | 389 | //     llkCheckMs | 
|  | 390 | //     ... | 
|  | 391 | // KISS to keep it all self-contained, and called multiple times as parameters | 
|  | 392 | // are interpreted so that defaults, llkCheckMs and llkCycle make sense. | 
|  | 393 | void llkValidate() { | 
|  | 394 | if (llkTimeoutMs == 0ms) { | 
|  | 395 | llkTimeoutMs = LLK_TIMEOUT_MS_DEFAULT; | 
|  | 396 | } | 
|  | 397 | llkTimeoutMs = std::max(llkTimeoutMs, LLK_TIMEOUT_MS_MINIMUM); | 
|  | 398 | if (llkCheckMs == 0ms) { | 
|  | 399 | llkCheckMs = llkTimeoutMs / LLK_CHECKS_PER_TIMEOUT_DEFAULT; | 
|  | 400 | } | 
|  | 401 | llkCheckMs = std::min(llkCheckMs, llkTimeoutMs); | 
|  | 402 |  | 
|  | 403 | for (size_t state = 0; state < ARRAY_SIZE(llkStateTimeoutMs); ++state) { | 
|  | 404 | if (llkStateTimeoutMs[state] == 0ms) { | 
|  | 405 | llkStateTimeoutMs[state] = llkTimeoutMs; | 
|  | 406 | } | 
|  | 407 | llkStateTimeoutMs[state] = | 
|  | 408 | std::min(std::max(llkStateTimeoutMs[state], LLK_TIMEOUT_MS_MINIMUM), llkTimeoutMs); | 
|  | 409 | llkCheckMs = std::min(llkCheckMs, llkStateTimeoutMs[state]); | 
|  | 410 | } | 
|  | 411 |  | 
|  | 412 | llkCheckMs = std::max(llkCheckMs, LLK_CHECK_MS_MINIMUM); | 
|  | 413 | if (llkCycle == 0ms) { | 
|  | 414 | llkCycle = llkCheckMs; | 
|  | 415 | } | 
|  | 416 | llkCycle = std::min(llkCycle, llkCheckMs); | 
|  | 417 | } | 
|  | 418 |  | 
|  | 419 | milliseconds llkGetTimespecDiffMs(timespec* from, timespec* to) { | 
|  | 420 | return duration_cast<milliseconds>(seconds(to->tv_sec - from->tv_sec)) + | 
|  | 421 | duration_cast<milliseconds>(nanoseconds(to->tv_nsec - from->tv_nsec)); | 
|  | 422 | } | 
|  | 423 |  | 
|  | 424 | std::string llkProcGetName(pid_t tid, const char* comm, const char* cmdline) { | 
|  | 425 | if ((cmdline != nullptr) && (*cmdline != '\0')) { | 
|  | 426 | return cmdline; | 
|  | 427 | } | 
|  | 428 | if ((comm != nullptr) && (*comm != '\0')) { | 
|  | 429 | return comm; | 
|  | 430 | } | 
|  | 431 |  | 
|  | 432 | // UNLIKELY! Here because killed before we kill it? | 
|  | 433 | // Assume change is afoot, do not call llkTidAlloc | 
|  | 434 |  | 
|  | 435 | // cmdline ? | 
|  | 436 | std::string content = llkProcGetName(tid); | 
|  | 437 | if (content.size() != 0) { | 
|  | 438 | return content; | 
|  | 439 | } | 
|  | 440 | // Comm instead? | 
|  | 441 | content = llkProcGetName(tid, "/comm"); | 
|  | 442 | if (llkIsMissingExeLink(tid) && (content.size() != 0)) { | 
|  | 443 | return '[' + content + ']'; | 
|  | 444 | } | 
|  | 445 | return content; | 
|  | 446 | } | 
|  | 447 |  | 
|  | 448 | int llkKillOneProcess(pid_t pid, char state, pid_t tid, const char* tcomm = nullptr, | 
|  | 449 | const char* tcmdline = nullptr, const char* pcomm = nullptr, | 
|  | 450 | const char* pcmdline = nullptr) { | 
|  | 451 | std::string forTid; | 
|  | 452 | if (tid != pid) { | 
|  | 453 | forTid = " for '" + llkProcGetName(tid, tcomm, tcmdline) + "' (" + std::to_string(tid) + ")"; | 
|  | 454 | } | 
|  | 455 | LOG(INFO) << "Killing '" << llkProcGetName(pid, pcomm, pcmdline) << "' (" << pid | 
|  | 456 | << ") to check forward scheduling progress in " << state << " state" << forTid; | 
|  | 457 | // CAP_KILL required | 
|  | 458 | errno = 0; | 
|  | 459 | auto r = ::kill(pid, SIGKILL); | 
|  | 460 | if (r) { | 
|  | 461 | PLOG(ERROR) << "kill(" << pid << ")=" << r << ' '; | 
|  | 462 | } | 
|  | 463 |  | 
|  | 464 | return r; | 
|  | 465 | } | 
|  | 466 |  | 
|  | 467 | // Kill one process | 
|  | 468 | int llkKillOneProcess(pid_t pid, proc* tprocp) { | 
|  | 469 | return llkKillOneProcess(pid, tprocp->state, tprocp->tid, tprocp->getComm(), | 
|  | 470 | tprocp->getCmdline()); | 
|  | 471 | } | 
|  | 472 |  | 
|  | 473 | // Kill one process specified by kprocp | 
|  | 474 | int llkKillOneProcess(proc* kprocp, proc* tprocp) { | 
|  | 475 | if (kprocp == nullptr) { | 
|  | 476 | return -2; | 
|  | 477 | } | 
|  | 478 |  | 
|  | 479 | return llkKillOneProcess(kprocp->tid, tprocp->state, tprocp->tid, tprocp->getComm(), | 
|  | 480 | tprocp->getCmdline(), kprocp->getComm(), kprocp->getCmdline()); | 
|  | 481 | } | 
|  | 482 |  | 
|  | 483 | // Acquire file descriptor from environment, or open and cache it. | 
|  | 484 | // NB: cache is unnecessary in our current context, pedantically | 
|  | 485 | //     required to prevent leakage of file descriptors in the future. | 
|  | 486 | int llkFileToWriteFd(const std::string& file) { | 
|  | 487 | static std::unordered_map<std::string, int> cache; | 
|  | 488 | auto search = cache.find(file); | 
|  | 489 | if (search != cache.end()) return search->second; | 
|  | 490 | auto fd = android_get_control_file(file.c_str()); | 
|  | 491 | if (fd >= 0) return fd; | 
|  | 492 | fd = TEMP_FAILURE_RETRY(::open(file.c_str(), O_WRONLY | O_CLOEXEC)); | 
|  | 493 | if (fd >= 0) cache.emplace(std::make_pair(file, fd)); | 
|  | 494 | return fd; | 
|  | 495 | } | 
|  | 496 |  | 
|  | 497 | // Wrap android::base::WriteStringToFile to use android_get_control_file. | 
|  | 498 | bool llkWriteStringToFile(const std::string& string, const std::string& file) { | 
|  | 499 | auto fd = llkFileToWriteFd(file); | 
|  | 500 | if (fd < 0) return false; | 
|  | 501 | return android::base::WriteStringToFd(string, fd); | 
|  | 502 | } | 
|  | 503 |  | 
|  | 504 | bool llkWriteStringToFileConfirm(const std::string& string, const std::string& file) { | 
|  | 505 | auto fd = llkFileToWriteFd(file); | 
|  | 506 | auto ret = (fd < 0) ? false : android::base::WriteStringToFd(string, fd); | 
|  | 507 | std::string content; | 
|  | 508 | if (!android::base::ReadFileToString(file, &content)) return ret; | 
|  | 509 | return android::base::Trim(content) == string; | 
|  | 510 | } | 
|  | 511 |  | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 512 | void llkPanicKernel(bool dump, pid_t tid, const char* state) __noreturn; | 
|  | 513 | void llkPanicKernel(bool dump, pid_t tid, const char* state) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 514 | auto sysrqTriggerFd = llkFileToWriteFd("/proc/sysrq-trigger"); | 
|  | 515 | if (sysrqTriggerFd < 0) { | 
|  | 516 | // DYB | 
|  | 517 | llkKillOneProcess(initPid, 'R', tid); | 
|  | 518 | // The answer to life, the universe and everything | 
|  | 519 | ::exit(42); | 
|  | 520 | // NOTREACHED | 
|  | 521 | } | 
|  | 522 | ::sync(); | 
|  | 523 | if (dump) { | 
|  | 524 | // Show all locks that are held | 
|  | 525 | android::base::WriteStringToFd("d", sysrqTriggerFd); | 
|  | 526 | // This can trigger hardware watchdog, that is somewhat _ok_. | 
|  | 527 | // But useless if pstore configured for <256KB, low ram devices ... | 
|  | 528 | if (!llkLowRam) { | 
|  | 529 | android::base::WriteStringToFd("t", sysrqTriggerFd); | 
|  | 530 | } | 
|  | 531 | ::usleep(200000);  // let everything settle | 
|  | 532 | } | 
| Mark Salyzyn | 52e54a6 | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 533 | llkWriteStringToFile("SysRq : Trigger a crash : 'livelock,"s + state + "'\n", "/dev/kmsg"); | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 534 | android::base::WriteStringToFd("c", sysrqTriggerFd); | 
|  | 535 | // NOTREACHED | 
|  | 536 | // DYB | 
|  | 537 | llkKillOneProcess(initPid, 'R', tid); | 
|  | 538 | // I sat at my desk, stared into the garden and thought '42 will do'. | 
|  | 539 | // I typed it out. End of story | 
|  | 540 | ::exit(42); | 
|  | 541 | // NOTREACHED | 
|  | 542 | } | 
|  | 543 |  | 
|  | 544 | void llkAlarmHandler(int) { | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 545 | llkPanicKernel(false, ::getpid(), "alarm"); | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 546 | } | 
|  | 547 |  | 
|  | 548 | milliseconds GetUintProperty(const std::string& key, milliseconds def) { | 
|  | 549 | return milliseconds(android::base::GetUintProperty(key, static_cast<uint64_t>(def.count()), | 
|  | 550 | static_cast<uint64_t>(def.max().count()))); | 
|  | 551 | } | 
|  | 552 |  | 
|  | 553 | seconds GetUintProperty(const std::string& key, seconds def) { | 
|  | 554 | return seconds(android::base::GetUintProperty(key, static_cast<uint64_t>(def.count()), | 
|  | 555 | static_cast<uint64_t>(def.max().count()))); | 
|  | 556 | } | 
|  | 557 |  | 
|  | 558 | proc* llkTidLookup(pid_t tid) { | 
|  | 559 | auto search = tids.find(tid); | 
|  | 560 | if (search == tids.end()) { | 
|  | 561 | return nullptr; | 
|  | 562 | } | 
|  | 563 | return &search->second; | 
|  | 564 | } | 
|  | 565 |  | 
|  | 566 | void llkTidRemove(pid_t tid) { | 
|  | 567 | tids.erase(tid); | 
|  | 568 | } | 
|  | 569 |  | 
|  | 570 | proc* llkTidAlloc(pid_t tid, pid_t pid, pid_t ppid, const char* comm, int time, char state) { | 
|  | 571 | auto it = tids.emplace(std::make_pair(tid, proc(tid, pid, ppid, comm, time, state))); | 
|  | 572 | return &it.first->second; | 
|  | 573 | } | 
|  | 574 |  | 
|  | 575 | std::string llkFormat(milliseconds ms) { | 
|  | 576 | auto sec = duration_cast<seconds>(ms); | 
|  | 577 | std::ostringstream s; | 
|  | 578 | s << sec.count() << '.'; | 
|  | 579 | auto f = s.fill('0'); | 
|  | 580 | auto w = s.width(3); | 
|  | 581 | s << std::right << (ms - sec).count(); | 
|  | 582 | s.width(w); | 
|  | 583 | s.fill(f); | 
|  | 584 | s << 's'; | 
|  | 585 | return s.str(); | 
|  | 586 | } | 
|  | 587 |  | 
|  | 588 | std::string llkFormat(seconds s) { | 
|  | 589 | return std::to_string(s.count()) + 's'; | 
|  | 590 | } | 
|  | 591 |  | 
|  | 592 | std::string llkFormat(bool flag) { | 
|  | 593 | return flag ? "true" : "false"; | 
|  | 594 | } | 
|  | 595 |  | 
|  | 596 | std::string llkFormat(const std::unordered_set<std::string>& blacklist) { | 
|  | 597 | std::string ret; | 
|  | 598 | for (auto entry : blacklist) { | 
|  | 599 | if (ret.size()) { | 
|  | 600 | ret += ","; | 
|  | 601 | } | 
|  | 602 | ret += entry; | 
|  | 603 | } | 
|  | 604 | return ret; | 
|  | 605 | } | 
|  | 606 |  | 
|  | 607 | // We only officially support comma separators, but wetware being what they | 
|  | 608 | // are will take some liberty and I do not believe they should be punished. | 
| Mark Salyzyn | acecaf7 | 2018-08-10 08:15:57 -0700 | [diff] [blame] | 609 | std::unordered_set<std::string> llkSplit(const std::string& s) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 610 | std::unordered_set<std::string> result; | 
|  | 611 |  | 
| Mark Salyzyn | acecaf7 | 2018-08-10 08:15:57 -0700 | [diff] [blame] | 612 | // Special case, allow boolean false to empty the list, otherwise expected | 
|  | 613 | // source of input from android::base::GetProperty will supply the default | 
|  | 614 | // value on empty content in the property. | 
|  | 615 | if (s == "false") return result; | 
|  | 616 |  | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 617 | size_t base = 0; | 
| Mark Salyzyn | acecaf7 | 2018-08-10 08:15:57 -0700 | [diff] [blame] | 618 | while (s.size() > base) { | 
|  | 619 | auto found = s.find_first_of(", \t:", base); | 
|  | 620 | // Only emplace content, empty entries are not an option | 
|  | 621 | if (found != base) result.emplace(s.substr(base, found - base)); | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 622 | if (found == s.npos) break; | 
|  | 623 | base = found + 1; | 
|  | 624 | } | 
|  | 625 | return result; | 
|  | 626 | } | 
|  | 627 |  | 
|  | 628 | bool llkSkipName(const std::string& name, | 
|  | 629 | const std::unordered_set<std::string>& blacklist = llkBlacklistProcess) { | 
|  | 630 | if ((name.size() == 0) || (blacklist.size() == 0)) { | 
|  | 631 | return false; | 
|  | 632 | } | 
|  | 633 |  | 
|  | 634 | return blacklist.find(name) != blacklist.end(); | 
|  | 635 | } | 
|  | 636 |  | 
|  | 637 | bool llkSkipPid(pid_t pid) { | 
|  | 638 | return llkSkipName(std::to_string(pid), llkBlacklistProcess); | 
|  | 639 | } | 
|  | 640 |  | 
|  | 641 | bool llkSkipPpid(pid_t ppid) { | 
|  | 642 | return llkSkipName(std::to_string(ppid), llkBlacklistParent); | 
|  | 643 | } | 
|  | 644 |  | 
|  | 645 | bool llkSkipUid(uid_t uid) { | 
|  | 646 | // Match by number? | 
|  | 647 | if (llkSkipName(std::to_string(uid), llkBlacklistUid)) { | 
|  | 648 | return true; | 
|  | 649 | } | 
|  | 650 |  | 
|  | 651 | // Match by name? | 
|  | 652 | auto pwd = ::getpwuid(uid); | 
|  | 653 | return (pwd != nullptr) && __predict_true(pwd->pw_name != nullptr) && | 
|  | 654 | __predict_true(pwd->pw_name[0] != '\0') && llkSkipName(pwd->pw_name, llkBlacklistUid); | 
|  | 655 | } | 
|  | 656 |  | 
|  | 657 | bool getValidTidDir(dirent* dp, std::string* piddir) { | 
|  | 658 | if (!::isdigit(dp->d_name[0])) { | 
|  | 659 | return false; | 
|  | 660 | } | 
|  | 661 |  | 
|  | 662 | // Corner case can not happen in reality b/c of above ::isdigit check | 
|  | 663 | if (__predict_false(dp->d_type != DT_DIR)) { | 
|  | 664 | if (__predict_false(dp->d_type == DT_UNKNOWN)) {  // can't b/c procfs | 
|  | 665 | struct stat st; | 
|  | 666 | *piddir = procdir; | 
|  | 667 | *piddir += dp->d_name; | 
|  | 668 | return (lstat(piddir->c_str(), &st) == 0) && (st.st_mode & S_IFDIR); | 
|  | 669 | } | 
|  | 670 | return false; | 
|  | 671 | } | 
|  | 672 |  | 
|  | 673 | *piddir = procdir; | 
|  | 674 | *piddir += dp->d_name; | 
|  | 675 | return true; | 
|  | 676 | } | 
|  | 677 |  | 
|  | 678 | bool llkIsMonitorState(char state) { | 
|  | 679 | return (state == 'Z') || (state == 'D'); | 
|  | 680 | } | 
|  | 681 |  | 
|  | 682 | // returns -1 if not found | 
|  | 683 | long long getSchedValue(const std::string& schedString, const char* key) { | 
|  | 684 | auto pos = schedString.find(key); | 
|  | 685 | if (pos == std::string::npos) { | 
|  | 686 | return -1; | 
|  | 687 | } | 
|  | 688 | pos = schedString.find(':', pos); | 
|  | 689 | if (__predict_false(pos == std::string::npos)) { | 
|  | 690 | return -1; | 
|  | 691 | } | 
|  | 692 | while ((++pos < schedString.size()) && ::isblank(schedString[pos])) { | 
|  | 693 | ; | 
|  | 694 | } | 
|  | 695 | long long ret; | 
|  | 696 | if (!android::base::ParseInt(schedString.substr(pos), &ret, static_cast<long long>(0))) { | 
|  | 697 | return -1; | 
|  | 698 | } | 
|  | 699 | return ret; | 
|  | 700 | } | 
|  | 701 |  | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 702 | #ifdef __PTRACE_ENABLED__ | 
|  | 703 | bool llkCheckStack(proc* procp, const std::string& piddir) { | 
|  | 704 | if (llkCheckStackSymbols.empty()) return false; | 
|  | 705 | if (procp->state == 'Z') {  // No brains for Zombies | 
|  | 706 | procp->stack = -1; | 
|  | 707 | procp->count_stack = 0ms; | 
|  | 708 | return false; | 
|  | 709 | } | 
|  | 710 |  | 
|  | 711 | // Don't check process that are known to block ptrace, save sepolicy noise. | 
|  | 712 | if (llkSkipName(std::to_string(procp->pid), llkBlacklistStack)) return false; | 
|  | 713 | if (llkSkipName(procp->getComm(), llkBlacklistStack)) return false; | 
|  | 714 | if (llkSkipName(procp->getCmdline(), llkBlacklistStack)) return false; | 
| Mark Salyzyn | e81ede8 | 2018-10-22 15:52:32 -0700 | [diff] [blame] | 715 | if (llkSkipName(android::base::Basename(procp->getCmdline()), llkBlacklistStack)) return false; | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 716 |  | 
|  | 717 | auto kernel_stack = ReadFile(piddir + "/stack"); | 
|  | 718 | if (kernel_stack.empty()) { | 
|  | 719 | LOG(INFO) << piddir << "/stack empty comm=" << procp->getComm() | 
|  | 720 | << " cmdline=" << procp->getCmdline(); | 
|  | 721 | return false; | 
|  | 722 | } | 
|  | 723 | // A scheduling incident that should not reset count_stack | 
|  | 724 | if (kernel_stack.find(" cpu_worker_pools+0x") != std::string::npos) return false; | 
|  | 725 | char idx = -1; | 
|  | 726 | char match = -1; | 
|  | 727 | for (const auto& stack : llkCheckStackSymbols) { | 
|  | 728 | if (++idx < 0) break; | 
|  | 729 | if (kernel_stack.find(" "s + stack + "+0x") != std::string::npos) { | 
|  | 730 | match = idx; | 
|  | 731 | break; | 
|  | 732 | } | 
|  | 733 | } | 
|  | 734 | if (procp->stack != match) { | 
|  | 735 | procp->stack = match; | 
|  | 736 | procp->count_stack = 0ms; | 
|  | 737 | return false; | 
|  | 738 | } | 
|  | 739 | if (match == char(-1)) return false; | 
|  | 740 | procp->count_stack += llkCycle; | 
|  | 741 | return procp->count_stack >= llkStateTimeoutMs[llkStateStack]; | 
|  | 742 | } | 
|  | 743 | #endif | 
|  | 744 |  | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 745 | // Primary ABA mitigation watching last time schedule activity happened | 
|  | 746 | void llkCheckSchedUpdate(proc* procp, const std::string& piddir) { | 
|  | 747 | // Audit finds /proc/<tid>/sched is just over 1K, and | 
|  | 748 | // is rarely larger than 2K, even less on Android. | 
|  | 749 | // For example, the "se.avg.lastUpdateTime" field we are | 
|  | 750 | // interested in typically within the primary set in | 
|  | 751 | // the first 1K. | 
|  | 752 | // | 
|  | 753 | // Proc entries can not be read >1K atomically via libbase, | 
|  | 754 | // but if there are problems we assume at least a few | 
|  | 755 | // samples of reads occur before we take any real action. | 
|  | 756 | std::string schedString = ReadFile(piddir + "/sched"); | 
|  | 757 | if (schedString.size() == 0) { | 
|  | 758 | // /schedstat is not as standardized, but in 3.1+ | 
|  | 759 | // Android devices, the third field is nr_switches | 
|  | 760 | // from /sched: | 
|  | 761 | schedString = ReadFile(piddir + "/schedstat"); | 
|  | 762 | if (schedString.size() == 0) { | 
|  | 763 | return; | 
|  | 764 | } | 
|  | 765 | auto val = static_cast<unsigned long long>(-1); | 
|  | 766 | if (((::sscanf(schedString.c_str(), "%*d %*d %llu", &val)) == 1) && | 
|  | 767 | (val != static_cast<unsigned long long>(-1)) && (val != 0) && | 
|  | 768 | (val != procp->nrSwitches)) { | 
|  | 769 | procp->nrSwitches = val; | 
|  | 770 | procp->count = 0ms; | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 771 | procp->killed = !llkTestWithKill; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 772 | } | 
|  | 773 | return; | 
|  | 774 | } | 
|  | 775 |  | 
|  | 776 | auto val = getSchedValue(schedString, "\nse.avg.lastUpdateTime"); | 
|  | 777 | if (val == -1) { | 
|  | 778 | val = getSchedValue(schedString, "\nse.svg.last_update_time"); | 
|  | 779 | } | 
|  | 780 | if (val != -1) { | 
|  | 781 | auto schedUpdate = nanoseconds(val); | 
|  | 782 | if (schedUpdate != procp->schedUpdate) { | 
|  | 783 | procp->schedUpdate = schedUpdate; | 
|  | 784 | procp->count = 0ms; | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 785 | procp->killed = !llkTestWithKill; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 786 | } | 
|  | 787 | } | 
|  | 788 |  | 
|  | 789 | val = getSchedValue(schedString, "\nnr_switches"); | 
|  | 790 | if (val != -1) { | 
|  | 791 | if (static_cast<uint64_t>(val) != procp->nrSwitches) { | 
|  | 792 | procp->nrSwitches = val; | 
|  | 793 | procp->count = 0ms; | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 794 | procp->killed = !llkTestWithKill; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 795 | } | 
|  | 796 | } | 
|  | 797 | } | 
|  | 798 |  | 
|  | 799 | void llkLogConfig(void) { | 
|  | 800 | LOG(INFO) << "ro.config.low_ram=" << llkFormat(llkLowRam) << "\n" | 
|  | 801 | << LLK_ENABLE_PROPERTY "=" << llkFormat(llkEnable) << "\n" | 
|  | 802 | << KHT_ENABLE_PROPERTY "=" << llkFormat(khtEnable) << "\n" | 
|  | 803 | << LLK_MLOCKALL_PROPERTY "=" << llkFormat(llkMlockall) << "\n" | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 804 | << LLK_KILLTEST_PROPERTY "=" << llkFormat(llkTestWithKill) << "\n" | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 805 | << KHT_TIMEOUT_PROPERTY "=" << llkFormat(khtTimeout) << "\n" | 
|  | 806 | << LLK_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkTimeoutMs) << "\n" | 
|  | 807 | << LLK_D_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkStateTimeoutMs[llkStateD]) << "\n" | 
|  | 808 | << LLK_Z_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkStateTimeoutMs[llkStateZ]) << "\n" | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 809 | #ifdef __PTRACE_ENABLED__ | 
|  | 810 | << LLK_STACK_TIMEOUT_MS_PROPERTY "=" << llkFormat(llkStateTimeoutMs[llkStateStack]) | 
|  | 811 | << "\n" | 
|  | 812 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 813 | << LLK_CHECK_MS_PROPERTY "=" << llkFormat(llkCheckMs) << "\n" | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 814 | #ifdef __PTRACE_ENABLED__ | 
|  | 815 | << LLK_CHECK_STACK_PROPERTY "=" << llkFormat(llkCheckStackSymbols) << "\n" | 
|  | 816 | << LLK_BLACKLIST_STACK_PROPERTY "=" << llkFormat(llkBlacklistStack) << "\n" | 
|  | 817 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 818 | << LLK_BLACKLIST_PROCESS_PROPERTY "=" << llkFormat(llkBlacklistProcess) << "\n" | 
|  | 819 | << LLK_BLACKLIST_PARENT_PROPERTY "=" << llkFormat(llkBlacklistParent) << "\n" | 
|  | 820 | << LLK_BLACKLIST_UID_PROPERTY "=" << llkFormat(llkBlacklistUid); | 
|  | 821 | } | 
|  | 822 |  | 
|  | 823 | void* llkThread(void* obj) { | 
| Mark Salyzyn | 4832a8b | 2018-08-15 11:02:18 -0700 | [diff] [blame] | 824 | prctl(PR_SET_DUMPABLE, 0); | 
|  | 825 |  | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 826 | LOG(INFO) << "started"; | 
|  | 827 |  | 
|  | 828 | std::string name = std::to_string(::gettid()); | 
|  | 829 | if (!llkSkipName(name)) { | 
|  | 830 | llkBlacklistProcess.emplace(name); | 
|  | 831 | } | 
|  | 832 | name = static_cast<const char*>(obj); | 
|  | 833 | prctl(PR_SET_NAME, name.c_str()); | 
|  | 834 | if (__predict_false(!llkSkipName(name))) { | 
|  | 835 | llkBlacklistProcess.insert(name); | 
|  | 836 | } | 
|  | 837 | // No longer modifying llkBlacklistProcess. | 
|  | 838 | llkRunning = true; | 
|  | 839 | llkLogConfig(); | 
|  | 840 | while (llkRunning) { | 
|  | 841 | ::usleep(duration_cast<microseconds>(llkCheck(true)).count()); | 
|  | 842 | } | 
|  | 843 | // NOTREACHED | 
|  | 844 | LOG(INFO) << "exiting"; | 
|  | 845 | return nullptr; | 
|  | 846 | } | 
|  | 847 |  | 
|  | 848 | }  // namespace | 
|  | 849 |  | 
|  | 850 | milliseconds llkCheck(bool checkRunning) { | 
|  | 851 | if (!llkEnable || (checkRunning != llkRunning)) { | 
|  | 852 | return milliseconds::max(); | 
|  | 853 | } | 
|  | 854 |  | 
|  | 855 | // Reset internal watchdog, which is a healthy engineering margin of | 
|  | 856 | // double the maximum wait or cycle time for the mainloop that calls us. | 
|  | 857 | // | 
|  | 858 | // This alarm is effectively the live lock detection of llkd, as | 
|  | 859 | // we understandably can not monitor ourselves otherwise. | 
|  | 860 | ::alarm(duration_cast<seconds>(llkTimeoutMs * 2).count()); | 
|  | 861 |  | 
|  | 862 | // kernel jiffy precision fastest acquisition | 
|  | 863 | static timespec last; | 
|  | 864 | timespec now; | 
|  | 865 | ::clock_gettime(CLOCK_MONOTONIC_COARSE, &now); | 
|  | 866 | auto ms = llkGetTimespecDiffMs(&last, &now); | 
|  | 867 | if (ms < llkCycle) { | 
|  | 868 | return llkCycle - ms; | 
|  | 869 | } | 
|  | 870 | last = now; | 
|  | 871 |  | 
|  | 872 | LOG(VERBOSE) << "opendir(\"" << procdir << "\")"; | 
|  | 873 | if (__predict_false(!llkTopDirectory)) { | 
|  | 874 | // gid containing AID_READPROC required | 
|  | 875 | llkTopDirectory.reset(procdir); | 
|  | 876 | if (__predict_false(!llkTopDirectory)) { | 
|  | 877 | // Most likely reason we could be here is a resource limit. | 
|  | 878 | // Keep our processing down to a minimum, but not so low that | 
|  | 879 | // we do not recover in a timely manner should the issue be | 
|  | 880 | // transitory. | 
|  | 881 | LOG(DEBUG) << "opendir(\"" << procdir << "\") failed"; | 
|  | 882 | return llkTimeoutMs; | 
|  | 883 | } | 
|  | 884 | } | 
|  | 885 |  | 
|  | 886 | for (auto& it : tids) { | 
|  | 887 | it.second.updated = false; | 
|  | 888 | } | 
|  | 889 |  | 
|  | 890 | auto prevUpdate = llkUpdate; | 
|  | 891 | llkUpdate += ms; | 
|  | 892 | ms -= llkCycle; | 
|  | 893 | auto myPid = ::getpid(); | 
|  | 894 | auto myTid = ::gettid(); | 
|  | 895 | for (auto dp = llkTopDirectory.read(); dp != nullptr; dp = llkTopDirectory.read()) { | 
|  | 896 | std::string piddir; | 
|  | 897 |  | 
|  | 898 | if (!getValidTidDir(dp, &piddir)) { | 
|  | 899 | continue; | 
|  | 900 | } | 
|  | 901 |  | 
|  | 902 | // Get the process tasks | 
|  | 903 | std::string taskdir = piddir + "/task/"; | 
|  | 904 | int pid = -1; | 
|  | 905 | LOG(VERBOSE) << "+opendir(\"" << taskdir << "\")"; | 
|  | 906 | dir taskDirectory(taskdir); | 
|  | 907 | if (__predict_false(!taskDirectory)) { | 
|  | 908 | LOG(DEBUG) << "+opendir(\"" << taskdir << "\") failed"; | 
|  | 909 | } | 
|  | 910 | for (auto tp = taskDirectory.read(dir::task, dp); tp != nullptr; | 
|  | 911 | tp = taskDirectory.read(dir::task)) { | 
|  | 912 | if (!getValidTidDir(tp, &piddir)) { | 
|  | 913 | continue; | 
|  | 914 | } | 
|  | 915 |  | 
|  | 916 | // Get the process stat | 
|  | 917 | std::string stat = ReadFile(piddir + "/stat"); | 
|  | 918 | if (stat.size() == 0) { | 
|  | 919 | continue; | 
|  | 920 | } | 
|  | 921 | unsigned tid = -1; | 
|  | 922 | char pdir[TASK_COMM_LEN + 1]; | 
|  | 923 | char state = '?'; | 
|  | 924 | unsigned ppid = -1; | 
|  | 925 | unsigned utime = -1; | 
|  | 926 | unsigned stime = -1; | 
|  | 927 | int dummy; | 
|  | 928 | pdir[0] = '\0'; | 
|  | 929 | // tid should not change value | 
|  | 930 | auto match = ::sscanf( | 
|  | 931 | stat.c_str(), | 
|  | 932 | "%u (%" ___STRING( | 
|  | 933 | TASK_COMM_LEN) "[^)]) %c %u %*d %*d %*d %*d %*d %*d %*d %*d %*d %u %u %d", | 
|  | 934 | &tid, pdir, &state, &ppid, &utime, &stime, &dummy); | 
|  | 935 | if (pid == -1) { | 
|  | 936 | pid = tid; | 
|  | 937 | } | 
|  | 938 | LOG(VERBOSE) << "match " << match << ' ' << tid << " (" << pdir << ") " << state << ' ' | 
|  | 939 | << ppid << " ... " << utime << ' ' << stime << ' ' << dummy; | 
|  | 940 | if (match != 7) { | 
|  | 941 | continue; | 
|  | 942 | } | 
|  | 943 |  | 
|  | 944 | auto procp = llkTidLookup(tid); | 
|  | 945 | if (procp == nullptr) { | 
|  | 946 | procp = llkTidAlloc(tid, pid, ppid, pdir, utime + stime, state); | 
|  | 947 | } else { | 
|  | 948 | // comm can change ... | 
|  | 949 | procp->setComm(pdir); | 
|  | 950 | procp->updated = true; | 
|  | 951 | // pid/ppid/tid wrap? | 
|  | 952 | if (((procp->update != prevUpdate) && (procp->update != llkUpdate)) || | 
|  | 953 | (procp->ppid != ppid) || (procp->pid != pid)) { | 
|  | 954 | procp->reset(); | 
|  | 955 | } else if (procp->time != (utime + stime)) {  // secondary ABA. | 
|  | 956 | // watching utime+stime granularity jiffy | 
|  | 957 | procp->state = '?'; | 
|  | 958 | } | 
|  | 959 | procp->update = llkUpdate; | 
|  | 960 | procp->pid = pid; | 
|  | 961 | procp->ppid = ppid; | 
|  | 962 | procp->time = utime + stime; | 
|  | 963 | if (procp->state != state) { | 
|  | 964 | procp->count = 0ms; | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 965 | procp->killed = !llkTestWithKill; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 966 | procp->state = state; | 
|  | 967 | } else { | 
|  | 968 | procp->count += llkCycle; | 
|  | 969 | } | 
|  | 970 | } | 
|  | 971 |  | 
|  | 972 | // Filter checks in intuitive order of CPU cost to evaluate | 
|  | 973 | // If tid unique continue, if ppid or pid unique break | 
|  | 974 |  | 
|  | 975 | if (pid == myPid) { | 
|  | 976 | break; | 
|  | 977 | } | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 978 | #ifdef __PTRACE_ENABLED__ | 
|  | 979 | // if no stack monitoring, we can quickly exit here | 
|  | 980 | if (!llkIsMonitorState(state) && llkCheckStackSymbols.empty()) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 981 | continue; | 
|  | 982 | } | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 983 | #else | 
|  | 984 | if (!llkIsMonitorState(state)) continue; | 
|  | 985 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 986 | if ((tid == myTid) || llkSkipPid(tid)) { | 
|  | 987 | continue; | 
|  | 988 | } | 
|  | 989 | if (llkSkipPpid(ppid)) { | 
|  | 990 | break; | 
|  | 991 | } | 
|  | 992 |  | 
|  | 993 | if (llkSkipName(procp->getComm())) { | 
|  | 994 | continue; | 
|  | 995 | } | 
|  | 996 | if (llkSkipName(procp->getCmdline())) { | 
|  | 997 | break; | 
|  | 998 | } | 
| Mark Salyzyn | e81ede8 | 2018-10-22 15:52:32 -0700 | [diff] [blame] | 999 | if (llkSkipName(android::base::Basename(procp->getCmdline()))) { | 
|  | 1000 | break; | 
|  | 1001 | } | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1002 |  | 
|  | 1003 | auto pprocp = llkTidLookup(ppid); | 
|  | 1004 | if (pprocp == nullptr) { | 
|  | 1005 | pprocp = llkTidAlloc(ppid, ppid, 0, "", 0, '?'); | 
|  | 1006 | } | 
| Mark Salyzyn | e81ede8 | 2018-10-22 15:52:32 -0700 | [diff] [blame] | 1007 | if ((pprocp != nullptr) && | 
|  | 1008 | (llkSkipName(pprocp->getComm(), llkBlacklistParent) || | 
|  | 1009 | llkSkipName(pprocp->getCmdline(), llkBlacklistParent) || | 
|  | 1010 | llkSkipName(android::base::Basename(pprocp->getCmdline()), llkBlacklistParent))) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1011 | break; | 
|  | 1012 | } | 
|  | 1013 |  | 
|  | 1014 | if ((llkBlacklistUid.size() != 0) && llkSkipUid(procp->getUid())) { | 
|  | 1015 | continue; | 
|  | 1016 | } | 
|  | 1017 |  | 
|  | 1018 | // ABA mitigation watching last time schedule activity happened | 
|  | 1019 | llkCheckSchedUpdate(procp, piddir); | 
|  | 1020 |  | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1021 | #ifdef __PTRACE_ENABLED__ | 
|  | 1022 | auto stuck = llkCheckStack(procp, piddir); | 
|  | 1023 | if (llkIsMonitorState(state)) { | 
|  | 1024 | if (procp->count >= llkStateTimeoutMs[(state == 'Z') ? llkStateZ : llkStateD]) { | 
|  | 1025 | stuck = true; | 
|  | 1026 | } else if (procp->count != 0ms) { | 
|  | 1027 | LOG(VERBOSE) << state << ' ' << llkFormat(procp->count) << ' ' << ppid << "->" | 
|  | 1028 | << pid << "->" << tid << ' ' << procp->getComm(); | 
|  | 1029 | } | 
|  | 1030 | } | 
|  | 1031 | if (!stuck) continue; | 
|  | 1032 | #else | 
|  | 1033 | if (procp->count >= llkStateTimeoutMs[(state == 'Z') ? llkStateZ : llkStateD]) { | 
|  | 1034 | if (procp->count != 0ms) { | 
|  | 1035 | LOG(VERBOSE) << state << ' ' << llkFormat(procp->count) << ' ' << ppid << "->" | 
|  | 1036 | << pid << "->" << tid << ' ' << procp->getComm(); | 
|  | 1037 | } | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1038 | continue; | 
|  | 1039 | } | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1040 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1041 |  | 
|  | 1042 | // We have to kill it to determine difference between live lock | 
|  | 1043 | // and persistent state blocked on a resource.  Is there something | 
|  | 1044 | // wrong with a process that has no forward scheduling progress in | 
|  | 1045 | // Z or D?  Yes, generally means improper accounting in the | 
|  | 1046 | // process, but not always ... | 
|  | 1047 | // | 
|  | 1048 | // Whomever we hit with a test kill must accept the Android | 
|  | 1049 | // Aphorism that everything can be burned to the ground and | 
|  | 1050 | // must survive. | 
|  | 1051 | if (procp->killed == false) { | 
|  | 1052 | procp->killed = true; | 
|  | 1053 | // confirm: re-read uid before committing to a panic. | 
|  | 1054 | procp->uid = -1; | 
|  | 1055 | switch (state) { | 
|  | 1056 | case 'Z':  // kill ppid to free up a Zombie | 
|  | 1057 | // Killing init will kernel panic without diagnostics | 
|  | 1058 | // so skip right to controlled kernel panic with | 
|  | 1059 | // diagnostics. | 
|  | 1060 | if (ppid == initPid) { | 
|  | 1061 | break; | 
|  | 1062 | } | 
|  | 1063 | LOG(WARNING) << "Z " << llkFormat(procp->count) << ' ' << ppid << "->" | 
|  | 1064 | << pid << "->" << tid << ' ' << procp->getComm() << " [kill]"; | 
|  | 1065 | if ((llkKillOneProcess(pprocp, procp) >= 0) || | 
|  | 1066 | (llkKillOneProcess(ppid, procp) >= 0)) { | 
|  | 1067 | continue; | 
|  | 1068 | } | 
|  | 1069 | break; | 
|  | 1070 |  | 
|  | 1071 | case 'D':  // kill tid to free up an uninterruptible D | 
|  | 1072 | // If ABA is doing its job, we would not need or | 
|  | 1073 | // want the following.  Test kill is a Hail Mary | 
|  | 1074 | // to make absolutely sure there is no forward | 
|  | 1075 | // scheduling progress.  The cost when ABA is | 
|  | 1076 | // not working is we kill a process that likes to | 
|  | 1077 | // stay in 'D' state, instead of panicing the | 
|  | 1078 | // kernel (worse). | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1079 | default: | 
|  | 1080 | LOG(WARNING) << state << ' ' << llkFormat(procp->count) << ' ' << pid | 
|  | 1081 | << "->" << tid << ' ' << procp->getComm() << " [kill]"; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1082 | if ((llkKillOneProcess(llkTidLookup(pid), procp) >= 0) || | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1083 | (llkKillOneProcess(pid, state, tid) >= 0) || | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1084 | (llkKillOneProcess(procp, procp) >= 0) || | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1085 | (llkKillOneProcess(tid, state, tid) >= 0)) { | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1086 | continue; | 
|  | 1087 | } | 
|  | 1088 | break; | 
|  | 1089 | } | 
|  | 1090 | } | 
|  | 1091 | // We are here because we have confirmed kernel live-lock | 
|  | 1092 | LOG(ERROR) << state << ' ' << llkFormat(procp->count) << ' ' << ppid << "->" << pid | 
|  | 1093 | << "->" << tid << ' ' << procp->getComm() << " [panic]"; | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1094 | llkPanicKernel(true, tid, | 
|  | 1095 | (state == 'Z') ? "zombie" : (state == 'D') ? "driver" : "sleeping"); | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1096 | } | 
|  | 1097 | LOG(VERBOSE) << "+closedir()"; | 
|  | 1098 | } | 
|  | 1099 | llkTopDirectory.rewind(); | 
|  | 1100 | LOG(VERBOSE) << "closedir()"; | 
|  | 1101 |  | 
|  | 1102 | // garbage collection of old process references | 
|  | 1103 | for (auto p = tids.begin(); p != tids.end();) { | 
|  | 1104 | if (!p->second.updated) { | 
|  | 1105 | IF_ALOG(LOG_VERBOSE, LOG_TAG) { | 
|  | 1106 | std::string ppidCmdline = llkProcGetName(p->second.ppid, nullptr, nullptr); | 
|  | 1107 | if (ppidCmdline.size()) { | 
|  | 1108 | ppidCmdline = "(" + ppidCmdline + ")"; | 
|  | 1109 | } | 
|  | 1110 | std::string pidCmdline; | 
|  | 1111 | if (p->second.pid != p->second.tid) { | 
|  | 1112 | pidCmdline = llkProcGetName(p->second.pid, nullptr, p->second.getCmdline()); | 
|  | 1113 | if (pidCmdline.size()) { | 
|  | 1114 | pidCmdline = "(" + pidCmdline + ")"; | 
|  | 1115 | } | 
|  | 1116 | } | 
|  | 1117 | std::string tidCmdline = | 
|  | 1118 | llkProcGetName(p->second.tid, p->second.getComm(), p->second.getCmdline()); | 
|  | 1119 | if (tidCmdline.size()) { | 
|  | 1120 | tidCmdline = "(" + tidCmdline + ")"; | 
|  | 1121 | } | 
|  | 1122 | LOG(VERBOSE) << "thread " << p->second.ppid << ppidCmdline << "->" << p->second.pid | 
|  | 1123 | << pidCmdline << "->" << p->second.tid << tidCmdline << " removed"; | 
|  | 1124 | } | 
|  | 1125 | p = tids.erase(p); | 
|  | 1126 | } else { | 
|  | 1127 | ++p; | 
|  | 1128 | } | 
|  | 1129 | } | 
|  | 1130 | if (__predict_false(tids.empty())) { | 
|  | 1131 | llkTopDirectory.reset(); | 
|  | 1132 | } | 
|  | 1133 |  | 
|  | 1134 | llkCycle = llkCheckMs; | 
|  | 1135 |  | 
|  | 1136 | timespec end; | 
|  | 1137 | ::clock_gettime(CLOCK_MONOTONIC_COARSE, &end); | 
|  | 1138 | auto milli = llkGetTimespecDiffMs(&now, &end); | 
|  | 1139 | LOG((milli > 10s) ? ERROR : (milli > 1s) ? WARNING : VERBOSE) << "sample " << llkFormat(milli); | 
|  | 1140 |  | 
|  | 1141 | // cap to minimum sleep for 1 second since last cycle | 
|  | 1142 | if (llkCycle < (ms + 1s)) { | 
|  | 1143 | return 1s; | 
|  | 1144 | } | 
|  | 1145 | return llkCycle - ms; | 
|  | 1146 | } | 
|  | 1147 |  | 
|  | 1148 | unsigned llkCheckMilliseconds() { | 
|  | 1149 | return duration_cast<milliseconds>(llkCheck()).count(); | 
|  | 1150 | } | 
|  | 1151 |  | 
|  | 1152 | bool llkInit(const char* threadname) { | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1153 | auto debuggable = android::base::GetBoolProperty("ro.debuggable", false); | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1154 | llkLowRam = android::base::GetBoolProperty("ro.config.low_ram", false); | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1155 | if (!LLK_ENABLE_DEFAULT && debuggable) { | 
| Mark Salyzyn | d035dbb | 2018-03-26 08:23:00 -0700 | [diff] [blame] | 1156 | llkEnable = android::base::GetProperty(LLK_ENABLE_PROPERTY, "eng") == "eng"; | 
|  | 1157 | khtEnable = android::base::GetProperty(KHT_ENABLE_PROPERTY, "eng") == "eng"; | 
|  | 1158 | } | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1159 | llkEnable = android::base::GetBoolProperty(LLK_ENABLE_PROPERTY, llkEnable); | 
|  | 1160 | if (llkEnable && !llkTopDirectory.reset(procdir)) { | 
|  | 1161 | // Most likely reason we could be here is llkd was started | 
|  | 1162 | // incorrectly without the readproc permissions.  Keep our | 
|  | 1163 | // processing down to a minimum. | 
|  | 1164 | llkEnable = false; | 
|  | 1165 | } | 
|  | 1166 | khtEnable = android::base::GetBoolProperty(KHT_ENABLE_PROPERTY, khtEnable); | 
|  | 1167 | llkMlockall = android::base::GetBoolProperty(LLK_MLOCKALL_PROPERTY, llkMlockall); | 
| Mark Salyzyn | afd66f2 | 2018-03-19 15:16:29 -0700 | [diff] [blame] | 1168 | llkTestWithKill = android::base::GetBoolProperty(LLK_KILLTEST_PROPERTY, llkTestWithKill); | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1169 | // if LLK_TIMOUT_MS_PROPERTY was not set, we will use a set | 
|  | 1170 | // KHT_TIMEOUT_PROPERTY as co-operative guidance for the default value. | 
|  | 1171 | khtTimeout = GetUintProperty(KHT_TIMEOUT_PROPERTY, khtTimeout); | 
|  | 1172 | if (khtTimeout == 0s) { | 
|  | 1173 | khtTimeout = duration_cast<seconds>(llkTimeoutMs * (1 + LLK_CHECKS_PER_TIMEOUT_DEFAULT) / | 
|  | 1174 | LLK_CHECKS_PER_TIMEOUT_DEFAULT); | 
|  | 1175 | } | 
|  | 1176 | llkTimeoutMs = | 
|  | 1177 | khtTimeout * LLK_CHECKS_PER_TIMEOUT_DEFAULT / (1 + LLK_CHECKS_PER_TIMEOUT_DEFAULT); | 
|  | 1178 | llkTimeoutMs = GetUintProperty(LLK_TIMEOUT_MS_PROPERTY, llkTimeoutMs); | 
|  | 1179 | llkValidate();  // validate llkTimeoutMs, llkCheckMs and llkCycle | 
|  | 1180 | llkStateTimeoutMs[llkStateD] = GetUintProperty(LLK_D_TIMEOUT_MS_PROPERTY, llkTimeoutMs); | 
|  | 1181 | llkStateTimeoutMs[llkStateZ] = GetUintProperty(LLK_Z_TIMEOUT_MS_PROPERTY, llkTimeoutMs); | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1182 | #ifdef __PTRACE_ENABLED__ | 
|  | 1183 | llkStateTimeoutMs[llkStateStack] = GetUintProperty(LLK_STACK_TIMEOUT_MS_PROPERTY, llkTimeoutMs); | 
|  | 1184 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1185 | llkCheckMs = GetUintProperty(LLK_CHECK_MS_PROPERTY, llkCheckMs); | 
|  | 1186 | llkValidate();  // validate all (effectively minus llkTimeoutMs) | 
| Mark Salyzyn | 96505fa | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1187 | #ifdef __PTRACE_ENABLED__ | 
|  | 1188 | if (debuggable) { | 
|  | 1189 | llkCheckStackSymbols = llkSplit( | 
|  | 1190 | android::base::GetProperty(LLK_CHECK_STACK_PROPERTY, LLK_CHECK_STACK_DEFAULT)); | 
|  | 1191 | } | 
|  | 1192 | std::string defaultBlacklistStack(LLK_BLACKLIST_STACK_DEFAULT); | 
|  | 1193 | if (!debuggable) defaultBlacklistStack += ",logd,/system/bin/logd"; | 
|  | 1194 | llkBlacklistStack = llkSplit( | 
|  | 1195 | android::base::GetProperty(LLK_BLACKLIST_STACK_PROPERTY, defaultBlacklistStack)); | 
|  | 1196 | #endif | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1197 | std::string defaultBlacklistProcess( | 
|  | 1198 | std::to_string(kernelPid) + "," + std::to_string(initPid) + "," + | 
|  | 1199 | std::to_string(kthreaddPid) + "," + std::to_string(::getpid()) + "," + | 
|  | 1200 | std::to_string(::gettid()) + "," LLK_BLACKLIST_PROCESS_DEFAULT); | 
|  | 1201 | if (threadname) { | 
| Mark Salyzyn | 52e54a6 | 2018-08-07 08:13:13 -0700 | [diff] [blame] | 1202 | defaultBlacklistProcess += ","s + threadname; | 
| Mark Salyzyn | f089e14 | 2018-02-20 10:47:40 -0800 | [diff] [blame] | 1203 | } | 
|  | 1204 | for (int cpu = 1; cpu < get_nprocs_conf(); ++cpu) { | 
|  | 1205 | defaultBlacklistProcess += ",[watchdog/" + std::to_string(cpu) + "]"; | 
|  | 1206 | } | 
|  | 1207 | defaultBlacklistProcess = | 
|  | 1208 | android::base::GetProperty(LLK_BLACKLIST_PROCESS_PROPERTY, defaultBlacklistProcess); | 
|  | 1209 | llkBlacklistProcess = llkSplit(defaultBlacklistProcess); | 
|  | 1210 | if (!llkSkipName("[khungtaskd]")) {  // ALWAYS ignore as special | 
|  | 1211 | llkBlacklistProcess.emplace("[khungtaskd]"); | 
|  | 1212 | } | 
|  | 1213 | llkBlacklistParent = llkSplit(android::base::GetProperty( | 
|  | 1214 | LLK_BLACKLIST_PARENT_PROPERTY, std::to_string(kernelPid) + "," + std::to_string(kthreaddPid) + | 
|  | 1215 | "," LLK_BLACKLIST_PARENT_DEFAULT)); | 
|  | 1216 | llkBlacklistUid = | 
|  | 1217 | llkSplit(android::base::GetProperty(LLK_BLACKLIST_UID_PROPERTY, LLK_BLACKLIST_UID_DEFAULT)); | 
|  | 1218 |  | 
|  | 1219 | // internal watchdog | 
|  | 1220 | ::signal(SIGALRM, llkAlarmHandler); | 
|  | 1221 |  | 
|  | 1222 | // kernel hung task configuration? Otherwise leave it as-is | 
|  | 1223 | if (khtEnable) { | 
|  | 1224 | // EUID must be AID_ROOT to write to /proc/sys/kernel/ nodes, there | 
|  | 1225 | // are no capability overrides.  For security reasons we do not want | 
|  | 1226 | // to run as AID_ROOT.  We may not be able to write them successfully, | 
|  | 1227 | // we will try, but the least we can do is read the values back to | 
|  | 1228 | // confirm expectations and report whether configured or not. | 
|  | 1229 | auto configured = llkWriteStringToFileConfirm(std::to_string(khtTimeout.count()), | 
|  | 1230 | "/proc/sys/kernel/hung_task_timeout_secs"); | 
|  | 1231 | if (configured) { | 
|  | 1232 | llkWriteStringToFile("65535", "/proc/sys/kernel/hung_task_warnings"); | 
|  | 1233 | llkWriteStringToFile("65535", "/proc/sys/kernel/hung_task_check_count"); | 
|  | 1234 | configured = llkWriteStringToFileConfirm("1", "/proc/sys/kernel/hung_task_panic"); | 
|  | 1235 | } | 
|  | 1236 | if (configured) { | 
|  | 1237 | LOG(INFO) << "[khungtaskd] configured"; | 
|  | 1238 | } else { | 
|  | 1239 | LOG(WARNING) << "[khungtaskd] not configurable"; | 
|  | 1240 | } | 
|  | 1241 | } | 
|  | 1242 |  | 
|  | 1243 | bool logConfig = true; | 
|  | 1244 | if (llkEnable) { | 
|  | 1245 | if (llkMlockall && | 
|  | 1246 | // MCL_ONFAULT pins pages as they fault instead of loading | 
|  | 1247 | // everything immediately all at once. (Which would be bad, | 
|  | 1248 | // because as of this writing, we have a lot of mapped pages we | 
|  | 1249 | // never use.) Old kernels will see MCL_ONFAULT and fail with | 
|  | 1250 | // EINVAL; we ignore this failure. | 
|  | 1251 | // | 
|  | 1252 | // N.B. read the man page for mlockall. MCL_CURRENT | MCL_ONFAULT | 
|  | 1253 | // pins ⊆ MCL_CURRENT, converging to just MCL_CURRENT as we fault | 
|  | 1254 | // in pages. | 
|  | 1255 |  | 
|  | 1256 | // CAP_IPC_LOCK required | 
|  | 1257 | mlockall(MCL_CURRENT | MCL_FUTURE | MCL_ONFAULT) && (errno != EINVAL)) { | 
|  | 1258 | PLOG(WARNING) << "mlockall failed "; | 
|  | 1259 | } | 
|  | 1260 |  | 
|  | 1261 | if (threadname) { | 
|  | 1262 | pthread_attr_t attr; | 
|  | 1263 |  | 
|  | 1264 | if (!pthread_attr_init(&attr)) { | 
|  | 1265 | sched_param param; | 
|  | 1266 |  | 
|  | 1267 | memset(¶m, 0, sizeof(param)); | 
|  | 1268 | pthread_attr_setschedparam(&attr, ¶m); | 
|  | 1269 | pthread_attr_setschedpolicy(&attr, SCHED_BATCH); | 
|  | 1270 | if (!pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED)) { | 
|  | 1271 | pthread_t thread; | 
|  | 1272 | if (!pthread_create(&thread, &attr, llkThread, const_cast<char*>(threadname))) { | 
|  | 1273 | // wait a second for thread to start | 
|  | 1274 | for (auto retry = 50; retry && !llkRunning; --retry) { | 
|  | 1275 | ::usleep(20000); | 
|  | 1276 | } | 
|  | 1277 | logConfig = !llkRunning;  // printed in llkd context? | 
|  | 1278 | } else { | 
|  | 1279 | LOG(ERROR) << "failed to spawn llkd thread"; | 
|  | 1280 | } | 
|  | 1281 | } else { | 
|  | 1282 | LOG(ERROR) << "failed to detach llkd thread"; | 
|  | 1283 | } | 
|  | 1284 | pthread_attr_destroy(&attr); | 
|  | 1285 | } else { | 
|  | 1286 | LOG(ERROR) << "failed to allocate attibutes for llkd thread"; | 
|  | 1287 | } | 
|  | 1288 | } | 
|  | 1289 | } else { | 
|  | 1290 | LOG(DEBUG) << "[khungtaskd] left unconfigured"; | 
|  | 1291 | } | 
|  | 1292 | if (logConfig) { | 
|  | 1293 | llkLogConfig(); | 
|  | 1294 | } | 
|  | 1295 |  | 
|  | 1296 | return llkEnable; | 
|  | 1297 | } |